package Controller;


import java.io.IOException;

import javax.servlet.RequestDispatcher;
import javax.servlet.ServletException;
import javax.servlet.annotation.WebServlet;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;

import DAO.DAOFactory;
import DAO.EmployeeDAO;
import Model.*;

/**
 * Servlet implementation class EmployeeChangePassword
 */
@WebServlet("/EmployeeChangePassword")
public class EmployeeChangePassword extends HttpServlet {
	private static final long serialVersionUID = 1L;
       
    public EmployeeChangePassword() {
        super();
        // TODO Auto-generated constructor stub
    }

	protected void doGet(HttpServletRequest request, HttpServletResponse response)
		throws ServletException, IOException
	{
		Authenticate(request,response);
	}
	
	protected void doPost(HttpServletRequest request, HttpServletResponse response)
		throws ServletException, IOException
	{
		Authenticate(request,response);
	}

	protected void Authenticate (HttpServletRequest request, HttpServletResponse response)
		throws ServletException, IOException
	{
		HttpSession thisSession = request.getSession(false);
		Object tempO = thisSession.getAttribute(LoginStaff.SESSION_KEY);
		if (tempO == null) {			//If no object found, redirect back to login
			response.sendRedirect(LoginStaff.LOGIN_CONTROL);
		} else {						//Otherwise User is authenticated
			UserStaff thisUser = (UserStaff) tempO;
			String isSubmit = request.getParameter("IsSubmit");
			String lastOldPassword = request.getParameter("OldPassword");
			String oldPasswordErrorMsg = "";
			String lastNewPasswordA = request.getParameter("NewPasswordA");
			String newPasswordAErrorMsg = "";
			String lastNewPasswordB = request.getParameter("NewPasswordB");
			String newPasswordBErrorMsg = "";
			String overallErrorMsg = "";
			
			//Functions for First Load
			if (isSubmit == null) {		
				//Do Nothing
			}	
			
			//Functions for Submission
			else {
				boolean validatePass = true;
				if (lastOldPassword.length() == 0)
				{
					oldPasswordErrorMsg = "Please Enter your old Password";
					validatePass = false;
				}
				if (lastNewPasswordA.length() == 0) {
					newPasswordAErrorMsg = "Please Enter a new Password";
					validatePass = false;
				} else {
					if (lastNewPasswordB.length() == 0) {
						newPasswordBErrorMsg = "Please retype your new Password";
						validatePass = false;
					} else if (! lastNewPasswordB.equals(lastNewPasswordA) ) {
						newPasswordBErrorMsg = "New Passwords do not match";
						validatePass = false;						
					}
				}
				
				//If Validation passes: Check Employee
				if (validatePass) {			
					EmployeeDAO empDAO = 	//get DAO
						DAOFactory.getInstance().getEmployeeDAO();
					EmployeeBean employee = new EmployeeBean();
					try{
						employee = empDAO.findEmployeeById( thisUser.getEmployeeid() );
						if ( employee.getPassword().equals(lastOldPassword) ) {
							employee.setPassword(lastNewPasswordA);	
							empDAO.updatePassword(employee);
							overallErrorMsg = "Password Successfully Changed!";
						} else {
							oldPasswordErrorMsg = "Old Password entered was Incorrect";
						}
					} catch (Exception e) {
						e.printStackTrace();
						oldPasswordErrorMsg = "Database Error. Please Try Again Later";
					}
				}				
			}
			request.setAttribute("OldPasswordErrorMsg", oldPasswordErrorMsg);
			request.setAttribute("NewPasswordAErrorMsg", newPasswordAErrorMsg);
			request.setAttribute("NewPasswordBErrorMsg", newPasswordBErrorMsg);
			request.setAttribute("OverallErrorMsg", overallErrorMsg);
			RequestDispatcher rd = request.getRequestDispatcher("EmployeeChangePassword.jsp");
			rd.forward(request, response);	
		}
	}
}
